Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203134363138.roa
File: 3138352e3234342e39352e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: BX+afd5v4CnQw1Csb+gERO9bOUf9cjiesQkq05EVznU=
Subject key identifier: 56:35:0C:92:DB:0C:3E:C1:3E:18:23:CA:67:CB:38:32:2A:59:C8:48
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 3FDE66B02821B211F17822736FE7DE014819215F
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203134363138.roa
Signing time: Fri 02 May 2025 03:54:04 +0000
ROA not before: Fri 02 May 2025 03:49:04 +0000
ROA not after: Fri 01 May 2026 03:54:04 +0000
asID: 14618
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 17:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:de:66:b0:28:21:b2:11:f1:78:22:73:6f:e7:de:01:48:19:21:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: May 2 03:49:04 2025 GMT
Not After : May 1 03:54:04 2026 GMT
Subject: CN=56350C92DB0C3EC13E1823CA67CB38322A59C848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9c:46:68:d4:c9:53:bb:73:79:7f:cf:39:f7:
54:62:fe:9b:44:0c:0b:65:81:cc:9f:d3:bc:2b:55:
53:9c:41:51:15:29:25:a8:2a:77:04:54:0d:70:2e:
97:e9:73:58:81:3a:50:69:c1:1f:43:42:dc:bc:f9:
1e:5a:c6:ab:d8:0b:92:e3:ec:82:05:59:f0:08:dd:
db:30:c0:29:c4:ce:cd:7c:7b:bc:a0:83:1a:00:79:
17:4d:c1:19:2f:dc:c8:68:94:16:af:88:91:fb:c8:
f4:62:99:57:47:66:7a:38:70:58:b7:cd:d0:49:06:
65:69:1a:c3:95:29:1a:5a:0b:bd:4b:ac:60:58:dd:
61:70:ac:8d:87:60:82:a8:2c:be:8d:52:f3:cf:3c:
1c:35:28:9c:fc:59:40:d5:5b:0c:45:e0:ab:6d:38:
81:cd:48:69:1d:09:0c:53:e0:8d:2e:08:2d:db:c4:
6b:f3:4b:d5:0a:6d:a3:45:6f:84:b9:b4:1c:e8:d7:
71:22:71:3e:8c:76:34:ec:ab:ef:3d:3c:3d:f6:7d:
d0:33:27:99:38:4a:29:b3:a3:be:2c:09:e8:b2:63:
3a:5a:06:ef:5c:b5:0a:5e:bc:2d:4b:d3:23:af:fe:
f9:fa:cf:db:b0:98:a1:9a:21:84:f1:b4:d4:90:2c:
aa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:35:0C:92:DB:0C:3E:C1:3E:18:23:CA:67:CB:38:32:2A:59:C8:48
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:61:57:59:72:68:0f:3f:07:b7:06:a2:86:6e:03:ea:e4:05:
53:26:1a:b6:d4:14:0e:77:af:b5:9c:b9:95:e5:33:eb:75:8f:
98:cb:ff:9b:d8:90:76:be:a9:82:32:6f:f2:1b:cd:d5:aa:b7:
92:1a:40:24:0f:1e:39:4f:e6:98:e1:82:e7:21:94:12:25:30:
16:d6:eb:fa:c7:d2:20:fe:e9:eb:39:43:6a:7e:e9:bc:7a:4b:
25:c5:2f:03:2d:69:56:3c:3f:e0:ba:5d:fa:c8:06:9f:cb:b7:
dc:3d:12:e1:99:d8:a6:95:9d:33:26:c0:18:8b:c2:f2:8b:1e:
6a:6a:d5:d9:be:f9:4a:92:58:d0:9e:da:2c:d0:c1:ef:cc:92:
bb:04:37:4f:7c:a4:f7:a9:0f:f6:14:e5:c8:69:58:4b:2d:cb:
ee:0d:57:70:93:c3:02:43:b3:71:19:7e:e2:0d:58:aa:78:8a:
a2:1b:2c:41:38:94:fd:1b:15:23:78:7c:2a:f9:f2:1c:9a:0d:
c6:13:86:63:c8:10:aa:6d:b4:f3:12:16:92:9f:71:49:3f:0b:
63:c9:fb:64:35:1e:57:50:9b:8b:7c:09:8f:62:34:30:0c:0d:
e9:5c:ff:23:22:05:fa:b1:79:e3:bb:11:18:c1:1d:8d:dd:2c:
40:8e:37:8f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP95msCghshHxeCJzb+feAUgZIV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA1MDIwMzQ5MDRaFw0yNjA1MDEwMzU0MDRaMDMxMTAvBgNV
BAMTKDU2MzUwQzkyREIwQzNFQzEzRTE4MjNDQTY3Q0IzODMyMkE1OUM4NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNnEZo1MlTu3N5f88591Ri/ptE
DAtlgcyf07wrVVOcQVEVKSWoKncEVA1wLpfpc1iBOlBpwR9DQty8+R5axqvYC5Lj
7IIFWfAI3dswwCnEzs18e7yggxoAeRdNwRkv3MholBaviJH7yPRimVdHZno4cFi3
zdBJBmVpGsOVKRpaC71LrGBY3WFwrI2HYIKoLL6NUvPPPBw1KJz8WUDVWwxF4Ktt
OIHNSGkdCQxT4I0uCC3bxGvzS9UKbaNFb4S5tBzo13EicT6MdjTsq+89PD32fdAz
J5k4Simzo74sCeiyYzpaBu9ctQpevC1L0yOv/vn6z9uwmKGaIYTxtNSQLKq5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVjUMktsMPsE+GCPKZ8s4MipZyEgwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ufRfMA0GCSqGSIb3DQEBCwUAA4IBAQANYVdZcmgPPwe3BqKGbgPq5AVTJhq21BQO
d6+1nLmV5TPrdY+Yy/+b2JB2vqmCMm/yG83VqreSGkAkDx45T+aY4YLnIZQSJTAW
1uv6x9Ig/unrOUNqfum8ekslxS8DLWlWPD/gul36yAafy7fcPRLhmdimlZ0zJsAY
i8Lyix5qatXZvvlKkljQntos0MHvzJK7BDdPfKT3qQ/2FOXIaVhLLcvuDVdwk8MC
Q7NxGX7iDViqeIqiGyxBOJT9GxUjeHwq+fIcmg3GE4ZjyBCqbbTzEhaSn3FJPwtj
yftkNR5XUJuLfAmPYjQwDA3pXP8jIgX6sXnjuxEYwR2N3SxAjjeP
-----END CERTIFICATE-----
Generated at Wed May 7 08:39:44 2025 by rpki-client